Unstable service

Website, Application, Performance
, ,
1

Hello! I have to disable the site today because it is totally unstable access to it.

I had to put an hour on a certificate on my server to keep the site without the DNS / SSL services from you.

What is happening?
Currently it’s inactive

The site is the bookplay.com.br

Thank you

2

Both aron.ns.Cloudflare.com and dale.ns.Cloudflare.com have fully propagated. When I go to https://bookplay.com.br it shows the Lets’s Encrypt certificate. Did you install the Cloudflare certificate on your server as well?

3

It’s showing from LetsEncrypt because I’m with the site Paused on CDN.
I have not installed the Cloudflare Certificate, I am using “SSL FULL”.

I had to install LetsEncrypt now to keep the site online

4

For full you origin server needs to have a certificate (even self-signed), Full (strict) requires a signed certificate and Flexible (not recommended) is the only one not requiring you to install. If you’re using cPanel and want to use Full strict, go to SSL/TLS > Install and Manage SSL for your site (HTTPS) > select your domain > and install Certificate: (CRT), Private Key (KEY) and Certificate Authority Bundle: (CABUNDLE)

https://support.cloudflare.com/hc/en-us/articles/218689638-What-are-the-root-certificate-authorities-CAs-used-with-Cloudflare-Origin-CA-

5

I have a certificate self-signed.

Full SSL: Your origin supports HTTPS, but the certificate installed does not match your domain or is self-signed. Cloudflare will connect to your origin over HTTPS, but will not validate the certificate.

But it’s not the point.

Always worked normally, today that is giving problem of slowness.
I just re-enabled the Site, it is unstable.

6

My apologies, from the original post I wasn’t sure if you had already it running or not.
The issue with the previous self-signed certificate is hard to diagnose at this point why it was no longer valid. Perhaps it could have expired or needed to be reset for whatever reason,
Moving forward, unless you have a specific requirement for self-signed certificates, it would be advantages to move up to Full (strict) with a certificate signed by a CA.

7

Yea, we are thinking of modifying the SSL from the server to the one signed by the CA.

But it should not influence performance

Thank you

8

Without being able to diagnose the previous certificate issues directly, we can only guess. Maybe 404’s maybe something else. It might help to check your origins logs as they’ll provide more details.

1 Like
9

This topic was automatically closed after 30 days. New replies are no longer allowed.